(shardingsphere) branch master updated: Fix CVE-2015-5237, CVE-2024-7254, CVE-2022-3171, CVE-2021-22569, CVE-2021-22570 (#37888)

Thu, 29 Jan 2026 04:20:00 -0800 

This is an automated email from the ASF dual-hosted git repository.

zhangliang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git


The following commit(s) were added to refs/heads/master by this push:
     new 61e8f076a77 Fix CVE-2015-5237, CVE-2024-7254, CVE-2022-3171, 
CVE-2021-22569, CVE-2021-22570 (#37888)
61e8f076a77 is described below

commit 61e8f076a7761734173bb511bd8e0299caae082f
Author: Liang Zhang <[email protected]>
AuthorDate: Thu Jan 29 20:19:45 2026 +0800

    Fix CVE-2015-5237, CVE-2024-7254, CVE-2022-3171, CVE-2021-22569, 
CVE-2021-22570 (#37888)
    
    * Fix CVE CVE-2015-5237, CVE-2024-7254, CVE-2022-3171, CVE-2021-22569, 
CVE-2021-22570
    
    * Fix CVE CVE-2015-5237, CVE-2024-7254, CVE-2022-3171, CVE-2021-22569, 
CVE-2021-22570
    
    * Fix CVE CVE-2015-5237, CVE-2024-7254, CVE-2022-3171, CVE-2021-22569, 
CVE-2021-22570
    
    * Fix CVE CVE-2015-5237, CVE-2024-7254, CVE-2022-3171, CVE-2021-22569, 
CVE-2021-22570
    
    * Fix CVE-2015-5237, CVE-2024-7254, CVE-2022-3171, CVE-2021-22569, 
CVE-2021-22570
---
 RELEASE-NOTES.md |  1 +
 pom.xml          | 11 +++++++++++
 2 files changed, 12 insertions(+)

diff --git a/RELEASE-NOTES.md b/RELEASE-NOTES.md
index b94bdfb60e6..b4215e244ce 100644
--- a/RELEASE-NOTES.md
+++ b/RELEASE-NOTES.md
@@ -13,6 +13,7 @@
 1. Fix CVE-2025-55163, CVE-2025-58056, CVE-2025-58057 
[#36758](https://github.com/apache/shardingsphere/pull/36758)
 1. Fix CVE-2025-48924 
[#36085](https://github.com/apache/shardingsphere/pull/36085)
 1. Fix CVE-2024-7254 
[#36153](https://github.com/apache/shardingsphere/pull/36153)
+1. Fix CVE-2015-5237, CVE-2024-7254, CVE-2022-3171, CVE-2021-22569, 
CVE-2021-22570 [#37888](https://github.com/apache/shardingsphere/pull/37888)
 
 ### Metadata Storage Changes
 
diff --git a/pom.xml b/pom.xml
index c51df4ef161..c7a98b6a607 100644
--- a/pom.xml
+++ b/pom.xml
@@ -336,6 +336,17 @@
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
+            <dependency>
+                <groupId>io.netty</groupId>
+                <artifactId>netty-codec-protobuf</artifactId>
+                <version>${netty.version}</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>com.google.protobuf.nano</groupId>
+                        <artifactId>protobuf-javanano</artifactId>
+                    </exclusion>
+                </exclusions>
+            </dependency>
             
             <dependency>
                 <groupId>org.apache.calcite</groupId>

Reply via email to